Vulnerability Details CVE-2024-25735
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.894
EPSS Ranking 99.5%
CVSS Severity
CVSS v3 Score 9.1
References
Products affected by CVE-2024-25735
-
cpe:2.3:h:wyrestorm:apollo_vx20:-
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:-
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.18
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.25
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.2.36
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.3.17
-
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:1.3.48